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DETAILED ACTION 
Remarks 

1. In view of the Appeal Brief filed on Ol-May-2006, PROSECUTION IS HEREBY 
REOPENED. New grounds of rejection are set forth below. 

To avoid abandonment of the application, appellant must exercise one of the following 
two options: 

(1) file a reply under 37 CFR 1.111 (if this Office action is non-final) or a reply under 37 
CFR 1.1 13 (if this Office action is final); or, 

(2) request reinstatement of the appeal. 

If reinstatement of the appeal is requested, such request must be accompanied by a 
supplemental appeal brief, but no new amendments, affidavits (37 CFR 1.130, 1.131 or 
1.132) or other evidence are permitted. See 37 CFR 1.193(b)(2). 

2. Claims 1-14 are presently pending in the application, of which, claims 1 and 9 are presented 
in independent form. 

Claim Objections 

3. Claims 1-2, 9 and 1 1 are objected to because they recite a function following the term for 
(e.g., "system for use by clients" in claim 1, line 1; "communication link for access by an 
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authenticated user" in claim 1, line 4; "session assignment for accessing" in claim 2, line 4; 
"identifying clients for access" in claim 9, line 4; and "identifying clients for accessing" in 
claim 11, line 2), which indicates "intended use". 

Claim elements following the term for are not interpreted as functional requirements of 
the claims, unless the claims are amended to recite the limitations in an affirmative format 
(i.e., "system used by clients" instead of "system for use by clients", and "communication 
link providing access, by an authenticated user. ..." instead of "communication link for 
access by an authenticated user ", in claim 1 .) 

Appropriate corrections are recommended in order to consider the limitations following 
the term for as required functional elements for the above claims. 

Claim Rejections - 35 USC § 112 

4. The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention. 

5. Claims 1-9 are rejected under 35 U.S.C. 1 12, second paragraph, as being indefinite for failing 
to particularly point out and distinctly claim the subject matter which applicant regards as the 
invention. 

Claims 1 and 3 recite the limitation, "adapted to", which renders the claim indefinite. 
Neither the specification or the claims of the instant application defines the term "adapting". 
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For the purpose of continued examination of this application, the examiner interprets 
"adapted to" to mean "configured to". 

Claims 2-9 are rejected under 35 U.S.C. 1 12, second paragraph, as dependents of 
independent claim 1. 

Appropriate corrections are required. 



Claim Rejections - 35 USC §101 

6. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or 
any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and 
requirements of this title. 

7. Claims 1-14 are rejected under 35 U.S.C. 101 because they include non-statutory subject 
matter. 

Claim 1 recites, "an automated authentication handling system", "comprising a server 
adapted to establish a two-way trusted communication link". The claim fails to establish a 
clear result (leave alone a "tangible", "concrete", and "useful" result.) 

Claim 9 recites, "a method for automatically authenticating a client" comprising the steps 
of "identifying clients", and "establishing a two-way trusted communication link between a 
client and an application server. . ..". the claim fails to establish a tangible result. 

"Establishing" a "two-way trusted communication link" appears to be a decision based on 
whether or not the user is authenticated and further depending on a list of application servers 
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associated with a client identifier. Neither independent claim mentioned above 
communicates or presents the result ("establishment of the link") to the user. Nor is any 
indication of such "established communication" stored anywhere in memory. 

Claims 2-8 and 14 are rejected under 35 U.S.C. 101 as dependents of rejected claim 1. 

Claims 10-13 are rejected under 35 U.S.C. 101 as dependents of rejected claim 9. 

Appropriate corrections are required. 



Claim Rejections - 35 USC §103 
8. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all obviousness 
rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 



9. Claims 1-14 are rejected under 35 U.S.C. 103(a) as being unpatentable over Gudbiartsson et 
al (U.S. Publication No. 2001/0027519 Al, hereinafter referred to as Gudbiartsson) in view 
of Reed et al (U.S. Patent No. 5,862,325, hereinafter referred to as Reed .) 

As to claim 1, Gudbiartsson teaches an automated (see Abstract and see paragraph 3) 
authentication handling system (see paragraphs 8, 10, and 31) for use by clients (see 
paragraphs 29 and 31) on a network (see paragraphs 29, 31 and 34) comprising: 
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an authentication server (see paragraph 31, where "authentication server" is read on 
"system server 101 authenticates the user") adapted to establish a two-way (see paragraphs 8, 
29 and 30) trusted communication link (see "secure environment" in paragraphs 7 and 9; and 
see paragraphs 29 and 30, where "trusted" is the security provided by the 'firewall 202') 
associated with a client identifier (see "personal identifiers" in paragraphs 30 and 56.) 

Gudbiartsson does not teach a link for access by an authenticated user to a list of 
application servers. 

Reed teaches a computer-based communication system (see Abstract), in which he 
teaches a link (see column 26, lines 60-66) for access by an authenticated user (see column 
26, lines 14-16) to a list of application servers (see figures 30, 31 A, and 31B, and see column 
103, lines 61-67, and column 104, lines 24-30.) 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Gudbiartsson by the teaching of Reed, 
because including a link for access by an authenticated user to a list of application servers, 
would enable the system to provide secure means for authenticated clients to access desired 
web sites hosted by various servers throughout a network. For example, the system can 
provide a directory of partner service servers to the users, as taught by Reed. 

As to claim 2, Gudbiartsson as modified teaches wherein the authentication server (see 
Gudbiartsson , paragraph 31, where "authentication server" is read on "system server 101 
authenticates the user") includes: 
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an identification engine configured to maintain collections of session assignments for 
accessing the application servers, each of the session assignment collections being associated 
with the client identifier (see Gudbjartsson, paragraphs 6-8, where "session assignment" is 
read on "security zones or domains".) 

As to claim 3, Gudbjartsson as modified teaches wherein said identification engine is 
adapted to receive client identifiers from said clients (see Gudbjartsson, paragraph 56) to 
establish authenticated users (see Gudbjartsson , paragraph 37) and responsive thereto to 
provide a user interface to access said application servers according to said associated session 
assignments (see Gudbjartsson , paragraph 29.) 

As to claims 4 and 5, Gudbjartsson as modified teaches wherein the authentication 
server (see Gudbjartsson, paragraph 31, where "authentication server" is read on "system 
server 101 authenticates the user") includes: 

a communication initiator engine (see Gudbjartsson , paragraph 39) configured to 
establish the trusted communication link between the authenticated users and an application 
server (see Gudbjartsson , "secure environment" in paragraphs 7 and 9; and see paragraphs 
29 and 30, where "trusted" is the security provided by the 'firewall 202'.) 



As to claim 6, Gudbjartsson as modified teaches wherein the session assignments 
include data fields (see Reed , column 67, line 64 through column 68, line 3) selected from 
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the group consisting of session timeout and application access level (see Reed, column 70, 
line 63 through column 70, line 10.) 

As to claim 7, Gudbiartsson as modified teaches wherein the client identifier includes a 
user id (see Gudbiartsson, paragraph 35, where "user id" is read on "username") and 
password (see Gudbiartsson, paragraphs 50-54.) 

As to claim 8, Gudbiartsson as modified teaches wherein the authentication server (see 
Gudbiartsson , paragraph 31, where "authentication server" is read on "system server 101 
authenticates the user") includes a processor under the control of software (see "central 
processing unit" in Gudbiartsson , paragraph 25) to: 

receive an authentication signal from the client (see Gudbiartsson , paragraph 56, and see 
Reed, column 28, lines 25-37); 

provide an application access interface to the client in response to the authentication 
signal (see Reed , figures 22-24); and 

establish the trusted communication link between the client and an application server 
selected from the application access interface (see Gudbiartsson , "secure environment" in 
paragraphs 7 and 9; and see paragraphs 29 and 30, where "trusted" is the security provided 
by the 'firewall 202'.) 



As to claim 9, Gudbiartsson teaches a method for automatically authenticating a client 
(see paragraphs 10 and 3 1) for a servers (see paragraphs 29 and 31) comprising the steps of: 
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providing an authentication server (see paragraph 31, where "authentication server" is 
read on "system server 101 authenticates the user"); 

identifying clients for access to the application servers by the authentication server (see 
paragraphs 7 and 35.) 

Gudbiartsson does not teach a plurality of application servers and a link for access by an 
authenticated user to a list of application servers associated with a client identifier. 

For the above teaching, the applicant is directed to the remarks and discussions made in 
claim 1 above, in view of the teachings of Reed . 

As to claim 10, Gudbiartsson as modified teaches wherein the identifying step includes: 
providing session parameters for each of the identified clients for at least one of the 

application servers (see Gudbiartsson , paragraphs 6-8, and see Reed , column 34, lines 18- 

47.) 

As to claim 1 1, Gudbiartsson as modified teaches wherein the identifying step includes: 
providing a user interface to the identified clients for accessing the application servers 
(see Gudbiartsson , paragraphs 35 and 50-54, and see Reed , column 68, lines 9-13.) 



As to claim 12, Gudbiartsson as modified teaches wherein said establishing step 
includes: 



Application/Control Number: 09/675,399 Page 10 

Art Unit: 2165 

using said session parameters (see Gudbiartsson, paragraphs 6-8) to establish said 
trusted communication link (see Gudbiartsson, "secure environment" in paragraphs 7 and 9; 
and see paragraphs 29 and 30, where "trusted" is the security provided by the 'firewall 202'.) 

As to claim 13, Gudbiartsson as modified teaches wherein the user interface includes a 
listing of application servers (see Reed , figures 30, 31 A, and 3 IB, and see column 103, lines 
61-67, and column 104, lines 24-30) and the establishing step is initiated following a 
selection of an application server by a user from the user interface (see Reed , column 26, 
lines 47-64.) 

As to claim 14, Gudbiartsson as modified teaches the method further comprising a 
plurality of application servers connected to the network (see Reed, figures 30, 31 A, and 
31B, and see column 103, lines 61-67, and column 104, lines 24-30), each requiring 
authentication for access (see Gudbiartsson , paragraphs 37 and 48, and see Reed , column 
153, lines 20-23.) 

Response to Arguments 

10. Applicant's arguments filed in the Appeal Brief filed on Ol-May-2006 with respect to the 
rejected claims in view of the cited references have been fully considered but they are moot 
in view of the new grounds for rejection. 
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Conclusion 



1 1 . Any inquiries concerning this communication or earlier communications from the examiner 
should be directed to Tony Mahmoudi whose telephone number is (571) 272-4078. The 
examiner can normally be reached on Mondays-Fridays from 08:00 am to 04:30 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Jeffrey Gaffin, can be reached at (57 1)272-4 146. y, A /> / 
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